Forum Discussion

ghost-rider_124's avatar
ghost-rider_124
Icon for Nimbostratus rankNimbostratus
Jun 07, 2015

How to increase the size of upload file size in ASM

Hello Experts   How to increase the upload file size in ASM? I am using 11.2.1  
ASM Advanced WAF
deployment
security
  • Pascal_Tene_910's avatar
    Pascal_Tene_910
    Jun 08, 2015

    You can apply the following iRule to your virtual server: The "/upload" is in the path of the file you are uploading. Note that ASM is disable when uploading and malicious files could be uploaded in this particular location without detection...

     

    ++++++++++++++++ when HTTP_REQUEST { if {[HTTP::uri] contains "/upload" } { ASM::disable log local0. "ASM disabled." } else { ASM::enable /Common/ log local0. "ASM enabled. Current ASM policy is [ASM::policy]" } } +++++++++++++++++++

     

Pascal_Tene_910's avatar
Pascal_Tene_910
Historic F5 Account
Jun 11, 2015

+++ Following is A simple iRule that will disable ASM for a subset of IP addresses++++ +++ You need to create a data group that contains the list of allowed IP addresses++++

+++++++++++

ltm rule /Common/disable-asm-for-ip {

when HTTP_REQUEST {

if {( [class match [IP::client_addr] equals my-IP-list-data-group] ) } {

   ASM::disable
log local0. "ASM disabled for [IP::client_addr]."
}

else { ASM::enable "/Common/jt-vs"

log local0. "ASM enabled. Current ASM policy is [ASM::policy]"

}

}

}

++++

++++Sample data group with a list of IP addresses++++

ltm data-group internal /Common/my-IP-list-data-group {

records {
    10.12.0.32/32 { }
    10.12.0.33/32 { }
    10.12.0.34/32 { }
}
type ip

}

++++++